lint fixes

grepplabs · Feb 9, 2025 · 06dc622 · 06dc622
1 parent 0f7e8f4
commit 06dc622
Show file tree

Hide file tree

Showing 28 changed files with 155 additions and 152 deletions.
diff --git a/Makefile b/Makefile
@@ -22,6 +22,8 @@ PROTOC_VERSION ?= 22.2
 PROTOC_BIN_DIR := .tools
 PROTOC := $(PROTOC_BIN_DIR)/protoc
 
+GOLANGCI_LINT = go run github.com/golangci/golangci-lint/cmd/golangci-lint@v1.63.4
+
 default: build
 
 test.race:
@@ -33,10 +35,13 @@ test:
 fmt:
 	go fmt $(GOPKGS)
 
-check:
-	golint $(GOPKGS)
+check: lint-code
 	go vet $(GOPKGS)
 
+.PHONY: lint-code
+lint-code:
+	$(GOLANGCI_LINT) run --timeout 5m
+
 .PHONY: build
 build: build/$(BINARY)
 

diff --git a/cmd/kafka-proxy/server.go b/cmd/kafka-proxy/server.go
@@ -450,7 +450,7 @@ func Run(_ *cobra.Command, _ []string) {
 func NewHTTPHandler() http.Handler {
 	m := http.NewServeMux()
 	m.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
-		w.Write([]byte(
+		_, _ = w.Write([]byte(
 			`<html>
 				<head>
 					<title>kafka-proxy service</title>
@@ -462,7 +462,7 @@ func NewHTTPHandler() http.Handler {
 	        </html>`))
 	})
 	m.HandleFunc(c.Http.HealthPath, func(w http.ResponseWriter, r *http.Request) {
-		w.Write([]byte(`OK`))
+		_, _ = w.Write([]byte(`OK`))
 	})
 	m.Handle(c.Http.MetricsPath, promhttp.Handler())
 

diff --git a/cmd/plugin-auth-ldap/main.go b/cmd/plugin-auth-ldap/main.go
@@ -257,7 +257,10 @@ func main() {
 
 	pluginMeta := &pluginMeta{}
 	flags := pluginMeta.flagSet()
-	flags.Parse(os.Args[1:])
+	if err := flags.Parse(os.Args[1:]); err != nil {
+		logrus.Errorf("error parsing flags: %v", err)
+		os.Exit(1)
+	}
 
 	urls, err := pluginMeta.getUrls()
 	if err != nil {

diff --git a/cmd/plugin-auth-user/main.go b/cmd/plugin-auth-user/main.go
@@ -31,7 +31,10 @@ func (f *PasswordAuthenticator) flagSet() *flag.FlagSet {
 func main() {
 	passwordAuthenticator := &PasswordAuthenticator{}
 	flags := passwordAuthenticator.flagSet()
-	flags.Parse(os.Args[1:])
+	if err := flags.Parse(os.Args[1:]); err != nil {
+		logrus.Errorf("error parsing flags: %v", err)
+		os.Exit(1)
+	}
 
 	if passwordAuthenticator.Password == "" {
 		passwordAuthenticator.Password = os.Getenv(EnvSaslPassword)

diff --git a/config/config.go b/config/config.go
@@ -215,60 +215,56 @@ func (c *Config) InitSASLCredentials() (err error) {
 	return nil
 }
 func getDialAddressMappings(dialMapping []string) ([]DialAddressMapping, error) {
-	dialMappings := make([]DialAddressMapping, 0)
-	if dialMapping != nil {
-		for _, v := range dialMapping {
-			pair := strings.Split(v, ",")
-			if len(pair) != 2 {
-				return nil, errors.New("dial-mapping must be in form 'srchost:srcport,dsthost:dstport'")
-			}
-			srcHost, srcPort, err := util.SplitHostPort(pair[0])
-			if err != nil {
-				return nil, err
-			}
-			dstHost, dstPort, err := util.SplitHostPort(pair[1])
-			if err != nil {
-				return nil, err
-			}
-			dialMapping := DialAddressMapping{
-				SourceAddress:      net.JoinHostPort(srcHost, fmt.Sprint(srcPort)),
-				DestinationAddress: net.JoinHostPort(dstHost, fmt.Sprint(dstPort))}
-			dialMappings = append(dialMappings, dialMapping)
+	dialMappings := make([]DialAddressMapping, 0, len(dialMapping))
+	for _, v := range dialMapping {
+		pair := strings.Split(v, ",")
+		if len(pair) != 2 {
+			return nil, errors.New("dial-mapping must be in form 'srchost:srcport,dsthost:dstport'")
+		}
+		srcHost, srcPort, err := util.SplitHostPort(pair[0])
+		if err != nil {
+			return nil, err
 		}
+		dstHost, dstPort, err := util.SplitHostPort(pair[1])
+		if err != nil {
+			return nil, err
+		}
+		dialAddressMapping := DialAddressMapping{
+			SourceAddress:      net.JoinHostPort(srcHost, fmt.Sprint(srcPort)),
+			DestinationAddress: net.JoinHostPort(dstHost, fmt.Sprint(dstPort))}
+		dialMappings = append(dialMappings, dialAddressMapping)
 	}
 	return dialMappings, nil
 }
 
 func getListenerConfigs(serversMapping []string) ([]ListenerConfig, error) {
-	listenerConfigs := make([]ListenerConfig, 0)
-	if serversMapping != nil {
-		for _, v := range serversMapping {
-			pair := strings.Split(v, ",")
-			if len(pair) != 2 && len(pair) != 3 {
-				return nil, errors.New("server-mapping must be in form 'remotehost:remoteport,localhost:localport(,advhost:advport)'")
-			}
-			remoteHost, remotePort, err := util.SplitHostPort(pair[0])
-			if err != nil {
-				return nil, err
-			}
-			localHost, localPort, err := util.SplitHostPort(pair[1])
+	listenerConfigs := make([]ListenerConfig, 0, len(serversMapping))
+	for _, v := range serversMapping {
+		pair := strings.Split(v, ",")
+		if len(pair) != 2 && len(pair) != 3 {
+			return nil, errors.New("server-mapping must be in form 'remotehost:remoteport,localhost:localport(,advhost:advport)'")
+		}
+		remoteHost, remotePort, err := util.SplitHostPort(pair[0])
+		if err != nil {
+			return nil, err
+		}
+		localHost, localPort, err := util.SplitHostPort(pair[1])
+		if err != nil {
+			return nil, err
+		}
+		advertisedHost, advertisedPort := localHost, localPort
+		if len(pair) == 3 {
+			advertisedHost, advertisedPort, err = util.SplitHostPort(pair[2])
 			if err != nil {
 				return nil, err
 			}
-			advertisedHost, advertisedPort := localHost, localPort
-			if len(pair) == 3 {
-				advertisedHost, advertisedPort, err = util.SplitHostPort(pair[2])
-				if err != nil {
-					return nil, err
-				}
-			}
-
-			listenerConfig := ListenerConfig{
-				BrokerAddress:     net.JoinHostPort(remoteHost, fmt.Sprint(remotePort)),
-				ListenerAddress:   net.JoinHostPort(localHost, fmt.Sprint(localPort)),
-				AdvertisedAddress: net.JoinHostPort(advertisedHost, fmt.Sprint(advertisedPort))}
-			listenerConfigs = append(listenerConfigs, listenerConfig)
 		}
+
+		listenerConfig := ListenerConfig{
+			BrokerAddress:     net.JoinHostPort(remoteHost, fmt.Sprint(remotePort)),
+			ListenerAddress:   net.JoinHostPort(localHost, fmt.Sprint(localPort)),
+			AdvertisedAddress: net.JoinHostPort(advertisedHost, fmt.Sprint(advertisedPort))}
+		listenerConfigs = append(listenerConfigs, listenerConfig)
 	}
 	return listenerConfigs, nil
 }
@@ -361,7 +357,7 @@ func (c *Config) Validate() error {
 		return errors.New("MaxOpenRequests must be greater than 0")
 	}
 	// proxy
-	if c.Proxy.BootstrapServers == nil || len(c.Proxy.BootstrapServers) == 0 {
+	if len(c.Proxy.BootstrapServers) == 0 {
 		return errors.New("list of bootstrap-server-mapping must not be empty")
 	}
 	if c.Proxy.DefaultListenerIP == "" {

diff --git a/main.go b/main.go
@@ -13,7 +13,7 @@ var RootCmd = &cobra.Command{
 	Short: "Server that proxies requests to Kafka brokers",
 	Long:  ``,
 	Run: func(cmd *cobra.Command, args []string) {
-		cmd.Help()
+		_ = cmd.Help()
 		os.Exit(1)
 	},
 }

diff --git a/pkg/libs/googleid-info/factory.go b/pkg/libs/googleid-info/factory.go
@@ -36,7 +36,10 @@ func (t *Factory) New(params []string) (apis.TokenInfo, error) {
 	fs.Var(&pluginMeta.audience, "audience", "The audience of a token")
 	fs.Var(&pluginMeta.emailsRegex, "email-regex", "Regex of the email claim")
 
-	fs.Parse(params)
+	err := fs.Parse(params)
+	if err != nil {
+		return nil, err
+	}
 
 	opts := TokenInfoOptions{
 		Timeout:              pluginMeta.timeout,

diff --git a/pkg/libs/googleid-info/ticker.go b/pkg/libs/googleid-info/ticker.go
@@ -43,7 +43,7 @@ func (p *certsRefresher) refreshLoop() {
 	}
 }
 
-func (p *certsRefresher) refreshTick() error {
+func (p *certsRefresher) refreshTick() {
 	op := func() error {
 		return p.tokenInfo.refreshCerts()
 	}
@@ -52,10 +52,10 @@ func (p *certsRefresher) refreshTick() error {
 	backOff.MaxInterval = 2 * time.Minute
 	err := backoff.Retry(op, backOff)
 	if err != nil {
-		return err
+		logrus.Errorf("Certs refresh failed : %v", err)
+		return
 	}
 	kids := p.tokenInfo.getPublicKeyIDs()
 	sort.Strings(kids)
 	logrus.Infof("Refreshed certs Key IDs: %v", kids)
-	return nil
 }
diff --git a/pkg/libs/googleid-provider/factory.go b/pkg/libs/googleid-provider/factory.go
@@ -38,7 +38,10 @@ func (t *Factory) New(params []string) (apis.TokenProvider, error) {
 	fs.BoolVar(&pluginMeta.credentialsWatch, "credentials-watch", true, "Watch credential for reload")
 	fs.StringVar(&pluginMeta.targetAudience, "target-audience", "", "URI of audience claim")
 
-	fs.Parse(params)
+	err := fs.Parse(params)
+	if err != nil {
+		return nil, err
+	}
 
 	options := TokenProviderOptions{
 		Timeout:          pluginMeta.timeout,

diff --git a/pkg/libs/googleid-provider/plugin.go b/pkg/libs/googleid-provider/plugin.go
@@ -146,10 +146,7 @@ func renewLatest(token *googleid.Token) bool {
 	}
 	// renew before expiry
 	advExp := token.ClaimSet.Exp - int64(clockSkew.Seconds())
-	if nowFn().Unix() > advExp {
-		return true
-	}
-	return false
+	return nowFn().Unix() > advExp
 }
 
 // GetToken implements apis.TokenProvider.GetToken method

diff --git a/pkg/libs/googleid-provider/ticker.go b/pkg/libs/googleid-provider/ticker.go
@@ -87,8 +87,5 @@ func renewEarliest(claimSet *googleid.ClaimSet) bool {
 	refreshAfter := int64(validity / 2)
 	refreshTime := claimSet.Exp - int64(clockSkew.Seconds()) - refreshAfter
 	// logrus.Debugf("New refresh time %d (%v)", refreshTime, time.Unix(refreshTime, 0))
-	if nowFn().Unix() > refreshTime {
-		return true
-	}
-	return false
+	return nowFn().Unix() > refreshTime
 }
diff --git a/pkg/libs/googleid/service_account_test.go b/pkg/libs/googleid/service_account_test.go
@@ -11,14 +11,15 @@ import (
 
 func TestGetServiceAccountIDToken(t *testing.T) {
 	t.Skip() // Uncomment to execute
-
+	a := assert.New(t)
 	credentialsFile := filepath.Join(os.Getenv("HOME"), "kafka-gateway-service-account.json")
 	src, err := NewServiceAccountTokenSource(credentialsFile, "tcp://kafka-gateway.grepplabs.com")
+	a.Nil(err)
+
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 	token, err := src.GetIDToken(ctx)
 
-	a := assert.New(t)
 	a.Nil(err)
 	a.NotEmpty(token)
 }
diff --git a/pkg/libs/oidc-provider/factory.go b/pkg/libs/oidc-provider/factory.go
@@ -38,8 +38,10 @@ func (t *Factory) New(params []string) (apis.TokenProvider, error) {
 	fs.BoolVar(&pluginMeta.credentialsWatch, "credentials-watch", true, "Watch credential for reload")
 	fs.StringVar(&pluginMeta.targetAudience, "target-audience", "", "URI of audience claim")
 
-	fs.Parse(params)
-
+	err := fs.Parse(params)
+	if err != nil {
+		return nil, err
+	}
 	options := TokenProviderOptions{
 		Timeout:          pluginMeta.timeout,
 		CredentialsWatch: pluginMeta.credentialsWatch,

diff --git a/pkg/libs/oidc-provider/plugin.go b/pkg/libs/oidc-provider/plugin.go
@@ -162,12 +162,7 @@ func renewLatest(token *oidc.Token) bool {
 	}
 	// renew before expiry
 	advExp := token.ClaimSet.Exp - int64(clockSkew.Seconds())
-
-	if nowFn().Unix() > advExp {
-		return true
-	}
-
-	return false
+	return nowFn().Unix() > advExp
 }
 
 // GetToken implements apis.TokenProvider.GetToken method
@@ -225,7 +220,7 @@ func getTokenSource(credentialsFilePath string, targetAud string) (idTokenSource
 
 	switch grantType.Name {
 	case "password":
-		passwordGrantSource, err := NewPasswordGrantSource(
+		passwordGrantSource, err := newPasswordGrantSource(
 			credentialsFilePath,
 			targetAud)
 
@@ -235,7 +230,7 @@ func getTokenSource(credentialsFilePath string, targetAud string) (idTokenSource
 
 		return passwordGrantSource, nil
 	default:
-		serviceAccountSource, err := NewServiceAccountSource(
+		serviceAccountSource, err := newServiceAccountSource(
 			credentialsFilePath,
 			targetAud)
 
@@ -263,14 +258,7 @@ func (p *serviceAccountSource) getServiceAccountTokenSource() *oidc.ServiceAccou
 	return p.source
 }
 
-func (p *serviceAccountSource) setServiceAccountTokenSource(source *oidc.ServiceAccountTokenSource) {
-	p.l.Lock()
-	defer p.l.Unlock()
-
-	p.source = source
-}
-
-func NewServiceAccountSource(credentialsFile string, targetAudience string) (*serviceAccountSource, error) {
+func newServiceAccountSource(credentialsFile string, targetAudience string) (*serviceAccountSource, error) {
 	source, err := oidc.NewServiceAccountTokenSource(credentialsFile, targetAudience)
 
 	if err != nil {
@@ -298,14 +286,7 @@ func (p *passwordGrantSource) getPasswordGrantTokenSource() *oidc.PasswordGrantT
 	return p.source
 }
 
-func (p *passwordGrantSource) setPasswordGrantTokenSource(source *oidc.PasswordGrantTokenSource) {
-	p.l.Lock()
-	defer p.l.Unlock()
-
-	p.source = source
-}
-
-func NewPasswordGrantSource(credentialsFile string, targetAudience string) (*passwordGrantSource, error) {
+func newPasswordGrantSource(credentialsFile string, targetAudience string) (*passwordGrantSource, error) {
 	source, err := oidc.NewPasswordGrantTokenSource(credentialsFile, targetAudience)
 
 	if err != nil {

diff --git a/pkg/libs/oidc-provider/plugin_test.go b/pkg/libs/oidc-provider/plugin_test.go
@@ -112,6 +112,7 @@ func TestGetToken(t *testing.T) {
 
 	actual, err := prov.GetToken(context.Background(), apis.TokenRequest{})
 	a.NotNil(token)
+	a.Nil(err)
 
 	exp := apis.TokenResponse{Success: true, Status: int32(StatusOK), Token: testToken}
 	a.Equal(exp, actual)
@@ -120,6 +121,7 @@ func TestGetToken(t *testing.T) {
 
 	actual, err = prov.GetToken(context.Background(), apis.TokenRequest{})
 	a.NotNil(token)
+	a.Nil(err)
 
 	exp = apis.TokenResponse{Success: true, Status: int32(StatusOK), Token: testToken}
 	a.Equal(exp, actual)

diff --git a/pkg/libs/oidc-provider/ticker.go b/pkg/libs/oidc-provider/ticker.go
@@ -109,9 +109,5 @@ func renewEarliest(claimSet *oidc.ClaimSet) bool {
 	refreshAfter := int64(validity / 2)
 	refreshTime := claimSet.Exp - int64(clockSkew.Seconds()) - refreshAfter
 	// logrus.Debugf("New refresh time %d (%v)", refreshTime, time.Unix(refreshTime, 0))
-	if nowFn().Unix() > refreshTime {
-		return true
-	}
-
-	return false
+	return nowFn().Unix() > refreshTime
 }
diff --git a/pkg/libs/oidc/service_account_test.go b/pkg/libs/oidc/service_account_test.go
@@ -12,14 +12,15 @@ import (
 
 func TestGetServiceAccountIDToken(t *testing.T) {
 	t.Skip() // Uncomment to execute
+	a := assert.New(t)
 
 	credentialsFile := filepath.Join(os.Getenv("HOME"), "kafka-gateway-service-account.json")
 	src, err := NewServiceAccountTokenSource(credentialsFile, "tcp://kafka-gateway.grepplabs.com")
+	a.Nil(err)
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
 	token, err := src.GetIDToken(ctx)
 
-	a := assert.New(t)
 	a.Nil(err)
 	a.NotEmpty(token)
 }